I need to get the Windows XP client machines in my network to dynamically update their DNS A records. The network is an AD domain running on Windows Server 2003 R2 servers with Win XP SP3 clients. Some machines already have the "Register this connection's addresses in DNS" check box checked and sucessfully update the DNS server. But some machines do not have this check box set and I need to set this.
I read that this is possible using a GPO and I enabled the following:
Computer configuration -> Administrative templates -> Network -> DNS client
- Primary DNS Suffix
- Dynamic Update
- DNS Servers
- Connection-Specific DNS Suffix
- Register DNS records with connection-specific DNS suffix
and where required, entered the relevant parameters. Running rsop.msc in the client machines shows that the GPO has been applied. The client machines have been rebooted.
The DNS server allows "Nonsecure and secure" dynamic updates and is only accessible from our internal network.
But, the "Register this connection's addresses in DNS" check box is not set. And the hosts without this set are not updating their DNS A records. Per another suggestion in a web site, i tried running "ipconfig /registerdns", but it does not add the DNS A record.
Any advice on what I am doing wrong here would be gratefully accepted 🙂 Thank you.
Best Answer
There isn't a group policy setting to do what you're trying to do-- you're going to have to use a script.
First, I'd recommend reviewing the "Explain" tab for the settings you described above. You'll see that none of the settings actually turn on the registration behaviour you're looking for.
Assuming your machines get DNS settings from DHCP, and assuming that you don't mind this setting set back to the stock setting on all their network interfaces, assign the following in a Startup Script to the affected computers:
That will set the DNS client to get its address from DHCP, and reset the stock registration setting on all network interfaces on a Windows XP machine.
(An aside: You ought to figure out how your users changed that setting in the first place and stop them. It sounds like you have people who have 'Administrator' rights who shouldn't.)